WhiteSource Unveils Free to Use Vulnerability Checker to Combat Most Critical Open Source Vulnerabilities

WhiteSource, the leader in open source security and license compliance management, announced today the release of its Vulnerability Checker, a free tool that can detect if your products contain any of the 50 most critical open source vulnerabilities published in the last month.

The new standalone CLI tool is free to use and available for anyone to download directly from the WhiteSource website. Once downloaded, the Vulnerability Checker offers users the opportunity to import and scan any library and run a quick check on the chosen development projects against last month's top 50 open source vulnerabilities. The Vulnerability Checker compiles a detailed report within minutes after scanning the designated libraries in your command line, highlighting detected vulnerabilities, their severity, paths, as well as links to references and suggested fixes.

Every month, open source community contributors and researchers publish dozens of new security vulnerabilities found in open source projects. In its "Top Open Source Vulnerabilities of the Month" reports, the WhiteSource research team outlines the vulnerabilities most impactful to users over the course of the past month to help promote awareness and facilitate proper open source security management. WhiteSource's new Vulnerability Checker syncs with its research team's monthly reports, and detects all open source components in users' projects, providing an immediate alert if any of the month's top 50 vulnerabilities are detected.

"With our new Vulnerability Checker, we can provide everyone — from our largest enterprise customers to young developers — quick and accurate data on their open source usage," explains David Habusha, VP of Product at WhiteSource. "This new tool is a great way for us to enable all developers to leverage the open source data continuously collected by the WhiteSource database, giving them insight into their open source usage and empowering them with the critical open source security information that they need."